Schneider Electric ION Power Meter CSRF Vulnerability

NCCIC/ICS-CERT is aware of a public report of a cross-site request forgery (CSRF) vulnerability with proof-of-concept (PoC) exploit code affecting Schneider Electric’s ION Power Meter products. According to this report, exploitation of this vulnerability can allow unauthorized actions on the device, such as changing configuration parameters and saving the modified configuration. This report was released while ICS-CERT was working with Schneider Electric to mitigate the vulnerability. Schneider Electric reports that the vulnerability affects the following products: ION 73xx, ION 75xx, ION 76xx, ION 8650, ION 8800, and PM5xxx. Schneider Electric has identified mitigations for this and other issues and will notify its customers. ICS-CERT is issuing this alert to provide early notice of the report and to identify baseline mitigations for reducing the risk from this and other cybersecurity attacks.